zxcasdqwe
Badges: 0
Rep:
?
#1
Report Thread starter 6 years ago
#1
Hi there I'm currently studying for my Graded Unit in admin and IT and I've been given a sample question that I don't quite understand. I was wondering if anyone could explain it to me a bit.
0
reply
nonswimmer
Badges: 11
Rep:
?
#2
Report 6 years ago
#2
- Admin staff shouldn't be sharing logon and password details

- If there are no management protocols in place for files then audit is impossible therefore how would you know if someone was pilfering data

- There's probably a sneaky little security risk in sharing printers that way, if secure dox are being printed then they should be using print stations with password release
1
reply
$hadow
Badges: 11
Rep:
?
#3
Report 6 years ago
#3
(Original post by zxcasdqwe)
Hi there I'm currently studying for my Graded Unit in admin and IT and I've been given a sample question that I don't quite understand. I was wondering if anyone could explain it to me a bit. I've to identify 4 security issues in the following case study:




I can think identify maybe one and it would just be a security issue with using remote access in general... what am I missing?


any help appreciated.
1) Windows XP operating system - Outdated, and windows is highly hackable/prone to viruses due to its programming structure via email and general networking, Linux would be better.

2) Administrative staff share inkjet printers - Could be on a wireless network, and as it does not state it is internal/not wireless or password protected, this is one possible entry for an advanced hacker by hacking the port.

3) Each employee has a network drive and there are a number of shared drives holding information on clients and insurance companies - It does not state the network is internal, thus I assume its wireless, this is a risk to data protection due to shared drives holding information on clients and insurance companies from outside influence; however the fact that so many members of staff have access to these files gives and their shared components equals another internal risk.

4) Not all administrative staff have the same access to the shared drives. This results in administrative staff sharing logon and password details to be able to access information - This one is self explanatory, sharing logon and password details is directly comprising network security, as it could be shared within internal or external circles.

5) On the shared drives, there are no file management protocols and everyone seems to file information where they themselves think is suitable - No Protocols is a BAD idea, due to anyone in any department from any network could find and access these fairly easy, also is a risk to the data protection act.

I'm by no means doing a computer related degree, quite the opposite... however, I hope this gives you some ideas.
2
reply
zxcasdqwe
Badges: 0
Rep:
?
#4
Report Thread starter 6 years ago
#4
thanks alot, things i didnt even consider... but what are the security risks of staff sharing login details
0
reply
zxcasdqwe
Badges: 0
Rep:
?
#5
Report Thread starter 6 years ago
#5
what are you studying shadow, i'm doing business and i'm not great with technology. =/
0
reply
$hadow
Badges: 11
Rep:
?
#6
Report 6 years ago
#6
(Original post by zxcasdqwe)
thanks alot, things i didnt even consider... but what are the security risks of staff sharing login details
4) Not all administrative staff have the same access to the shared drives. This results in administrative staff sharing logon and password details to be able to access information -

This one is self explanatory, sharing logon and password details is directly comprising network security, as it could be shared within internal or external circles.

It's a remote access risk due to the password's being handed out; thus if the password ends up in the hands of a hacker, the security of the network e.g Firewall would be useless and network security would be seriously comprised.

(Original post by zxcasdqwe)
what are you studying shadow, I'm doing business and I'm not great with technology. =/
I'm applying for University this year; hoping to gain a place on a Physiotherapy course in September. But I have had lots of personal experience with networking and database (SQL, specifically) security/setup when I was younger as a Lead Moderator on an networking forum.
0
reply
shona_c_1978
Badges: 0
Rep:
?
#7
Report 5 years ago
#7
Hi zxcasdqwe

How did you get on with that sample question last year? I've got it now to do but finding it difficult. We've not got it as a Graded Unit exam sample we've got it as an assessment in Office Technologies class. We've to write it as a report.

Shona
)
0
reply
Taperack123
Badges: 0
Rep:
?
#8
Report 4 years ago
#8
Ive had the same questions any help for solutions would be very appreciated
0
reply
X

Quick Reply

Attached files
Write a reply...
Reply
new posts
Back
to top
Latest
My Feed

See more of what you like on
The Student Room

You can personalise what you see on TSR. Tell us a little about yourself to get started.

Personalise

University open days

  • Durham University
    Pre-Application Open Days Undergraduate
    Sat, 21 Sep '19
  • University of Exeter
    Undergraduate Open Day - Penryn Campus Undergraduate
    Sat, 21 Sep '19
  • Loughborough University
    Undergraduate Open Day Undergraduate
    Sat, 21 Sep '19

What's your favourite genre?

Rock (220)
23.66%
Pop (230)
24.73%
Jazz (35)
3.76%
Classical (56)
6.02%
Hip-Hop (174)
18.71%
Electronic (62)
6.67%
Indie (153)
16.45%

Watched Threads

View All